Cordon

Changelog

What shipped

New detection layers and improvements, newest first.

Scraper detection goes live

  • Request-velocity detection: catches crawlers by pacing, not just signatures
  • Spoofed-crawler detection: a Googlebot user-agent from the wrong network is now blocked
  • Curated datacenter ASN list covering major hosting providers
  • Quota emails at 75%, 90%, and 100% of your plan's visitor limit

Search engines are always allowed

  • Verified search engines and good bots can no longer be blocked, by any rule
  • Crawler verification runs at the network level, not just user-agent
  • Feature request voting board added to the admin

Precision pass on fraud detection

  • Fraud-score threshold: VPN blocking now spares low-risk privacy users
  • iCloud Private Relay allowlisted by default
  • Bot detection narrowed to confirmed automation only

Foundation release

  • Country blocking with 200+ countries and one-click presets
  • VPN, proxy, and Tor detection (Growth plan and up)
  • Live visitor log with SHA-256 hashed IPs
  • Customizable block screen and allowlist